In an impressive debut release, Elemental Security’s Elemental Compliance System 1.1 advanced the cause of enterprisewide system monitoring and access control with exceptional reporting and granular policy management. Version 2.0 of the agent-based system, renamed ESP (Elemental Security Platform), advances on both of these fronts by broadening the client platform support and adding more than 300 new predefined rules.

ESP 2.0 comes with “more” in just about every aspect of the program. The policy server can now handle as many as 10,000 agents in this release, up from 4,000. Software agents are now available for a much wider range of platforms, with new support for Solaris 10 and RHEL (Red Hat Enterprise Linux) 4.0, AIX 5.2 and 5.3, HP-UX 11i, and Mac OS X operating systems. Server platform support has also been extended. Previously, the server ran only on RHEL 3.0 but now supports RHEL 4.0 and Solaris 8, 9, and 10.

Policies specific to the new OS platforms are available in 2.0. New regulatory policies for HIPAA and PCI (Payment Card Industry) requirements are included, as are policies governing the use of anti-spyware and anti-virus products. ESP 2.0 also comes with Cisco NAC (Network Admission Control)-enabled policies, allowing ESP to weave into a Cisco NAC environment. Elemental has made it easier to get a policy in place and has built in a new scheduling engine that enables time-of-day enforcement and time-based exceptions.

Already deep and extensive in Version 1.0, reporting also receives major improvements with a whole list of new business-level reports, inventory reports (hardware, software, and patch levels), and additional remediation reports. All in all, ESP 2.0 looks like a tremendous update to an already powerful security system.